This repository has been archived by the owner on Aug 28, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 175
Multiple Audiences with Bearer Strategy #251
Labels
Comments
@bondseid This is a documentation bug. 'audience' in the configuration has to be a string, otherwise bearerStrategy won't recognize it and it issues an "options.audience is missing in jsonWebToken.verify" error message. We will add this feature in the future. |
lovemaths
added a commit
that referenced
this issue
Dec 3, 2016
lovemaths
added a commit
that referenced
this issue
Dec 3, 2016
lovemaths
added a commit
that referenced
this issue
Dec 6, 2016
lovemaths
added a commit
that referenced
this issue
Dec 6, 2016
lovemaths
added a commit
that referenced
this issue
Dec 9, 2016
Issue #251 Support multiple audiences with Bearer Strategy
@bondseid We already added this feature in the new release 3.0.4 |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hello,
We have token coming in from multiple resource endpoints and were protecting our server api with passport-azure-ad. Because of this we need to be able to verify against multiple audiences.
Our config:
identityMetadata: "https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration",
clientID: "clientID",
validateIssuer: false,
passReqToCallback: false,
allowMultiAudiencesInToken: true,
audience: ["clientId", "https://graph.windows.net"],
loggingLevel: "error"
From the readme i understood that i am able to set an array of strings for the audience parameter. When i do this however and test my token i get the following 401 response:
data: "options.audience is missing in jsonWebToken.verify"
headers: (c)
status: 401
statusText: "Unauthorized"
Am i missing something in my config?
The text was updated successfully, but these errors were encountered: